package com.dog.basics.admin.security;


import cn.hutool.core.util.ObjectUtil;
import com.dog.basics.common.util.RedisUtil;
import com.dog.basics.security.constants.SecurityConstants;
import com.dog.basics.security.exception.BadCredentialsExceptionBase;
import com.dog.basics.security.exception.BaseDogAuth2Exception;
import com.dog.basics.security.exception.ImageCodeNotMatchExceptionBase;
import com.dog.basics.security.exception.UsernameNotFoundExceptionBase;
import com.dog.basics.security.provider.AbstractUserDetailsAuthenticationProvider;
import com.dog.basics.security.service.DogUserDetailsService;
import lombok.AllArgsConstructor;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;

/**
 * 后台管理员账号密码登陆
 *
 * @author dog
 */
@Component
@AllArgsConstructor
public class AdminAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {

    private final DogUserDetailsService DogUserDetailsService;

    private final PasswordEncoder passwordEncoder;

    @Override
    protected UserDetails retrieveUser(String username, Authentication authentication) throws BaseDogAuth2Exception {
        //登陆校验
        AdminAuthenticationToken adminAuthenticationToken = (AdminAuthenticationToken) authentication;

        String kaptchaKey = SecurityConstants.SPRING_SECURITY_RESTFUL_IMAGE_CODE + adminAuthenticationToken.getSessionUUID();

        Integer kaptcha = RedisUtil.get(kaptchaKey);

        RedisUtil.del(kaptchaKey);
        // 判断验证码



		if (ObjectUtil.isNull(kaptcha) || ObjectUtil.isNull(adminAuthenticationToken.getImageCode())) {
			throw new ImageCodeNotMatchExceptionBase("验证码有误");
		}
		Integer xpos = adminAuthenticationToken.getImageCode() - kaptcha;
		if (xpos > 3 || xpos < -3) {
			throw new ImageCodeNotMatchExceptionBase("验证码有误");
		}




        UserDetails user;
        try {
            user = DogUserDetailsService.loadUserByUsername(username);
        } catch (UsernameNotFoundExceptionBase var6) {
            throw new UsernameNotFoundExceptionBase(var6.getMessage());
        }

        String encodedPassword = user.getPassword();
        String rawPassword = authentication.getCredentials().toString();

        // 密码不正确
       if (!passwordEncoder.matches(rawPassword, encodedPassword)) {
            throw new BadCredentialsExceptionBase("账号或密码不正确");
        }

        if (!user.isEnabled()) {
            throw new UsernameNotFoundExceptionBase("账号已被锁定,请联系管理员");
        }
        return user;
    }


    @Override
    protected Authentication createSuccessAuthentication(Authentication authentication, UserDetails user) {
        AdminAuthenticationToken result = new AdminAuthenticationToken(user, authentication.getCredentials());
        result.setDetails(authentication.getDetails());
        return result;
    }


    @Override
    public boolean supports(Class<?> authentication) {
        return AdminAuthenticationToken.class.isAssignableFrom(authentication);
    }
}
